How do I configure multiple hostnames on a server for Shibboleth?

To support another hostname on the same server that is already configured for Shibboleth you will need to clone the endpoints that were added to your metadata during registration, changing the hostnames. You should have one set of endpoints for each hostname.

  1. Visit the I-Trust Federation Registry.
  2. Click Login and locate the service provider for which you want Shibboleth to be used with more than one hostname.
  3. Click on SAML tab, then Enpoints tab:
    • In Assertion tab, click Add endpoints and duplicate the 2 entries (Artifact, POST) using a unique index for each and the hostname you want to add. Pick any number for the index, as long as it’s not already assigned to any of the other endpoints in your metadata.
    • In Logout tab, click Add endpoints and duplicate the 4 entries (Redirect, SOAP, Artifact, POST) using the hostname you want to add.
    • In Discovery tab, click Add endpoints and duplicate the 1 entry (Login) using a unique index (just like in the Assertion tab) and the hostname you want to add. 

Once you have added the new endpoints, the metadata will be published within 15 minutes. UIC IDP checks for updates every 20 minutes, so wait some time before checking Shibboleth login on the new hostname.

Tip: Set up a redirect from http:// to https:// for the URLs which are to be protected by Shibboleth. If you access the URL via http, there will be a circular loop between the SP and the IDP.

Need help?

Last updated: 

August 03, 2015

Browse by tag